NSO Group Pitched Its Spyware to the Secret Service

Westbridge Technologies, an American-branch of Israeli surveillance firm NSO Group, pitched its phone hacking product to the U.S. Secret Service, according to emails obtained by Motherboard.

The news provides more insight into NSO's attempted expansion into the United States, following similar attempts with city police departments. The emails also show Westbridge was trying to pitch NSO's phone hacking technology to U.S. agencies more recently than previously known; this time, some of the emails date from 2018.

"No requirement to be in proximity to the target, or conduct forensics. The owner of the device is NOT aware he is vulnerable," an email sent to the Secret Service reads. The sender's name is redacted, but their title is listed as President of Compass Stratagem LLC, a company based in Texas.

According to LinkedIn and other online records, the company's President is James Rose, a former senior Army intelligence official. The emails appear to show Compass Stratagem pitching the phone hacking technology on Westbridge's behalf. Rose did not respond to a request for comment.

The subject line of the email reads, "Vendor Meeting Request Westbridge Technologies." Motherboard obtained the emails through a Freedom of Information Act (FOIA) request to the Secret Service.

Westbridge has a phone hacking product called Phantom, according to a brochure obtained by Motherboard. A former NSO employee previously said that Phantom was "a brand name for U.S. territory," but the "same Pegasus," referring to NSO's Pegasus malware product.

NSO is most well known for selling Pegasus to authoritarian regimes such as Saudi Arabia and the United Arab Emirates which have used the product to spy on dissidents and human rights defenders. Earlier this month Motherboard confirmed with a former NSO employee that Spain has also been a customer; The Guardian and El Pais found that NSO malware was used to target the phones of top Catalan politicians.

One of the emails to the Secret Service says Westbridge's product offers "Superior smart phone exploitation," including geolocation of a target and interception of voice calls. The email also specifically mentions access to encrypted applications such as WhatsApp, Telegram, and Signal.

"These capabilities are MRL 10 and currently available for employment to support USSS [U.S. Secret Service] missions," the email from the Compass Stratagem president adds, with "MRL 10" referring to an industry term meaning the product is in full production.

"We welcome the opportunity to meet with your team and conduct a demonstration of these superior intelligence collection and exploitation capabilities," the email adds.

Another email from December 2016 with the subject heading of "Phantom demo," indicates some form of meeting may have taken place earlier on. That email was written by the director of another company called E-TEL Systems Corporation, according to the email signature. Mark Deyle, who is listed in online records as the director of the company, did not respond to a request for comment.

E-TEL has a number of contracts with government agencies including the DEA, according to public records. Motherboard previously reported how NSO tried to acquire other U.S. companies for their sales connections to the government.